~poptart/ptvm

1f2100a80044168dd97186e267abd274387d3b12 — poptart 1 year, 2 months ago
Added external ready generator
49 files changed, 2855 insertions(+), 0 deletions(-)

A .gitignore
A README.md
A genimg
A machine-config.nix
A packages/burp-pro.nix
A packages/pretender.nix
A patches/0001-dwm-hosaka-colors.patch
A patches/0001-st-hosaka-colors.patch
A profiles/debug.nix
A profiles/hosaka.nix
A profiles/kali-default.nix
A profiles/kali-xfce.nix
A profiles/kali/README.md
A profiles/kali/kali-linux-core.nix
A profiles/kali/kali-linux-default.nix
A profiles/kali/kali-linux-everything.nix
A profiles/kali/kali-linux-headless.nix
A profiles/kali/kali-linux-labs.nix
A profiles/kali/kali-linux-large.nix
A profiles/kali/kali-tools-802-11.nix
A profiles/kali/kali-tools-bluetooth.nix
A profiles/kali/kali-tools-crypto-stego.nix
A profiles/kali/kali-tools-database.nix
A profiles/kali/kali-tools-exploitation.nix
A profiles/kali/kali-tools-forensics.nix
A profiles/kali/kali-tools-fuzzing.nix
A profiles/kali/kali-tools-gpu.nix
A profiles/kali/kali-tools-hardware.nix
A profiles/kali/kali-tools-information-gathering.nix
A profiles/kali/kali-tools-passwords.nix
A profiles/kali/kali-tools-post-exploitation.nix
A profiles/kali/kali-tools-reporting.nix
A profiles/kali/kali-tools-reverse-engineering.nix
A profiles/kali/kali-tools-rfid.nix
A profiles/kali/kali-tools-sdr.nix
A profiles/kali/kali-tools-sniffing-spoofing.nix
A profiles/kali/kali-tools-social-engineering.nix
A profiles/kali/kali-tools-top10.nix
A profiles/kali/kali-tools-voip.nix
A profiles/kali/kali-tools-vulnerability.nix
A profiles/kali/kali-tools-web.nix
A profiles/kali/kali-tools-windows-resources.nix
A profiles/kali/kali-tools-wireless.nix
A profiles/kali/meta.nix
A profiles/pentest.nix
A qemu.nix
A template.nix
A util/gen-list.sh
A zfs.nix
A  => .gitignore +22 -0
@@ 1,22 @@
result
*.qcow2
*.raw
build.nix
workspace/
util/xx*
util/*-nix
util/*.nix
util/kali.list
util/meta-control


# Added by cargo

/target


# Added by cargo
#
# already existing elements were commented out

#/target

A  => README.md +63 -0
@@ 1,63 @@
# NixOS Testing VM

Managing environments, per-client isolation, and retention can be hard in the pentesting world and historically has been a pretty manual or scripted process that is prone to error. This project attempts to create reproducible virtual machine environments for testing, but also generating a single-use set of home directories belonging to each engagement. This creates a single encrypted location where specific client data could resign and allows for much easier management of environments *and* maintanence of client retention.

Additionally, the tooling provides integration into `libvirt` to automatically create a test environment and even fully maintain the domains.

## Features

* Generates a seperate disk image for the testing user for easy deletion of client data
	* `nixos.qcow2` - The OS disk image containing all the tooling needed for testing
	* `user.qcow2` - User home directory utilizing disk encryption
	* `keydrive.qcow2` - Key drive file. Thin wrapper that contains the decryption data for the user drive.
* Has a majority of the important kali packages
* Replaces a couple of crusty packages with their replacements:
	* `responder` -> `pretender`
	* `ecryptfs` -> `gocryptfs`
* Profile driven, allowing customization by creating a new profile and importing it. An example one is provided with a complex configuration in [profiles/hosaka.nix](profiles/hosaka.nix).

### Goals

* Interchange-able `user` disks to allow for swapping between different OS image builds quickly
* Move from generative to declarative and then allow generative by import
* Support other rootfs (ie zfs)
* Allow for FDE on the rootfs if necessary
* Better dynamic snapshots focusing only on user data
* Automatic retention enforcement
* Generate automatically based on scoping profiles, including creating on host autocompletion
* Support for non-QEMU based hypervisors
* TPM support

## Usage

Currently this is just a beta project and is proven to successfully build quick images when I need them for a test:

Generator: 
```bash-session
# edit variables in genimg
$ ./genimg "$PASSWORD"
62VFY65RNHPZ6
$ export ID=62VFY65RNHPZ6
62VFY65RNHPZ6
$ virt-install --name nixos-${ID} --memory 10240 --vcpus=2 --disk path=./${ID}/nixos.qcow2,format=qcow2,boot.order=1  --disk path=./${ID}/user.qcow2,format=qcow2  --disk path=./${ID}/keydrive.qcow2,format=qcow2 --os-type=nixos-unstable --video virtio --print-xml | virsh define /dev/stdin
Domain 'nixos-62VFY65RNHPZ6' defined from /dev/stdin
```
## How it works

The main components generated by the tooling is:

* `machines` - Entire virtual machines created from NixOS to create reproducible environments. Theoretically you could hand a client or other tester your build and yourtests are reproducible without fuss. 
* `homes` - An encrypted volume that is generated and represents an dataset to be used for an engagement or set of engagements.
* `keydrive`- A very thin disk image that contains the decryption information for a home environment.

The way this is structured allows interchangable host OS environments for whatever the needs are. It also allows for whole VM upgrades without changing the home environment. Just swap in and out keydrives and machines.

Additionally, this creates a interesting profile based structure that allows for more deep customization per-test need. Sometimes you don't need cross compiling, sometimes you do need wireless tools, sometimes you just miss your old desktop environment. All just knobs.

## Requirements

- `libvirtd` - Optional 

## Dev Notes

`virt-install --name nixos-3AP5YK3PPKQVI --memory 10240 --vcpus=2 --disk path=./3AP5YK3PPKQVI/nixos.qcow2,format=qcow2,boot.order=1  --disk path=./3AP5YK3PPKQVI/user.qcow2,format=qcow2 -v --os-type=nixos-unstable --boot hd`

A  => genimg +96 -0
@@ 1,96 @@
#!/usr/bin/env bash

set -e

SSH_PUB="$(cat ${HOME}/.ssh/id_ed25519.pub)"
ID="$(openssl rand 8  | base32 -w0 | tr -d '=')"
HOSTNAME="$ID"
USERNAME="tester"
if [ $# -lt 1 ]; then
	echo "Missing password argument: $0 PASSWORD"
	exit 1
fi
PASSWORD="$1"
USERDISKSIZE="10G"
UUID=$(uuidgen)
UUID_KEY=$(uuidgen)
ALLOWED_TCP="" #use "22 80 443" format
ALLOWED_UDP="" #use "161 53" format
#ZFS_KEY="$(dd if=/dev/urandom of=/dev/stdout bs=32 count=1 2>/dev/null | xxd -ps -c0)"
HOSTID="$(head -c 8 /etc/machine-id)"

if ! [ -x "$(command -v nix)" ]
then
	echo "Nix install required"
	exit 1
fi
# TODO(rust) handlebars-rust - https://github.com/sunng87/handlebars-rust
sed -e "s/{{SSH_PUB}}/$SSH_PUB/g" \
	-e "s/{{UUID}}/$UUID/g" \
	-e "s/{{UUID_KEY}}/$UUID_KEY/g" \
	-e "s/{{HOSTNAME}}/$HOSTNAME/g" \
	-e "s/{{ID}}/$ID/g" \
	-e "s/{{USERNAME}}/$USERNAME/g" \
	-e "s/{{PASSWORD}}/$PASSWORD/g" \
	-e "s/{{ALLOWED_TCP}}/$ALLOWED_TCP/g" \
	-e "s/{{ALLOWED_UDP}}/$ALLOWED_UDP/g" \
	-e "s/{{HOSTID}}/$HOSTID/g" \
	"./template.nix" > build.nix
mkdir -p "workspace/$ID"
mkdir -p "workspace/$ID/mnt"
mkdir -p "workspace/$ID/mnt-home"
#mkdir -p "workspace/$ID/zfs"
# TODO(rust) crosvm - https://crosvm.dev/doc/disk/qcow/struct.QcowFile.html
qemu-img create -f raw "workspace/$ID/user.raw" "$USERDISKSIZE" >> "workspace/$ID/log"
#printf "%s" "$ZFS_KEY" > "workspace/$ID/user_key"
#sudo zpool create \
#    -o ashift=12 \
#    -o autotrim=on \
#    -O acltype=posixacl \
#    -O compression=zstd \
#    -O dnodesize=auto \
#    -O normalization=formD \
#    -O relatime=on \
#    -O xattr=sa \
#    -O mountpoint="/home/" \
#    -m "$(readlink -f "./workspace/$ID/zfs")" \
#    pentest "$(readlink -f "./user.raw")" || sudo zpool export pentest
#sudo zfs create \
# -o canmount=on \
# -o encryption=on \
# -o keylocation="file://$(readlink -f ./workspace/$ID/user_key)" \
# -o keyformat=hex \
# pentest/home || sudo zpool export pentest
#sudo zpool export pentest
# TODO(rust) crosvm - https://crosvm.dev/doc/disk/qcow/struct.QcowFile.html
qemu-img create -f raw "workspace/$ID/keydrive.raw" "8M" >> "workspace/$ID/log" 
sudo mkfs.ext4 -q -U "$UUID_KEY" -L "keydrive" "workspace/$ID/keydrive.raw" >> "workspace/$ID/log"
# TODO(rust) sys_mount - https://docs.rs/sys-mount/latest/sys_mount/
sudo mount -t ext4 "workspace/$ID/keydrive.raw" "./workspace/$ID/mnt/" >> "workspace/$ID/log"
# TODO(rust) getrandom - https://github.com/rust-random/getrandom
sudo dd bs=512 count=8 if=/dev/random of="./workspace/$ID/mnt/user_key" iflag=fullblock >> "workspace/$ID/log" 2>&1 
#bug, requires sudo...
# TODO(rust) libcryptsetup-rs - https://github.com/stratis-storage/libcryptsetup-rs
sudo cryptsetup -q --type luks2 --cipher aes-xts-plain64 --hash sha512 --iter-time 5000 --key-size 256 --pbkdf argon2id --use-urandom --label "user-luks" --uuid "$UUID" luksFormat "workspace/$ID/user.raw" "./workspace/$ID/mnt/user_key" >> "workspace/$ID/log"
sudo cryptsetup open --type luks --key-file "./workspace/$ID/mnt/user_key" "workspace/$ID/user.raw" "user-luks" >> "workspace/$ID/log"
#sudo mkfs.ext4 -U "$UUID" -L "user" /dev/mapper/user-luks
# TODO(rust) libguestfs - https://docs.rs/guestfs/0.1.0/guestfs/struct.Handle.html#method.mkfs
sudo mkfs.ext4 -q -L "user" /dev/mapper/user-luks >> "workspace/$ID/log"
sudo mount /dev/mapper/user-luks "workspace/$ID/mnt-home" >> "workspace/$ID/log"
sudo chown 1000:1001 "workspace/$ID/mnt-home"  >> "workspace/$ID/log" 
sudo umount "workspace/$ID/mnt-home" >> "workspace/$ID/log"
sudo cryptsetup close "user-luks" >> "workspace/$ID/log"
qemu-img convert -f raw -O qcow2 "workspace/$ID/user.raw" "workspace/$ID/user.qcow2" >> "workspace/$ID/log"
rm "workspace/$ID/user.raw"
cp "build.nix" "workspace/$ID/build.nix" 
# TODO(rust) rnix-parser https://github.com/nix-community/rnix-parser
nix-build -I nixpkgs=channel:nixpkgs-unstable qemu.nix #>> "workspace/$ID/log" 2>&1 #--show-trace
cp "result/nixos.qcow2" "workspace/$ID/nixos.qcow2" 
chmod 0640 "workspace/$ID/nixos.qcow2"
sudo umount "./workspace/$ID/mnt/"
qemu-img convert -f raw -O qcow2 "workspace/$ID/keydrive.raw" "workspace/$ID/keydrive.qcow2" >> "workspace/$ID/log"
rm "workspace/$ID/keydrive.raw"
echo "$ID"
#export ID=UQCJLASJ5FQEE
#virt-install --name nixos-${ID} --memory 10240 --vcpus=2 --disk path=./${ID}/nixos.qcow2,format=qcow2,boot.order=1  --disk path=./${ID}/user.qcow2,format=qcow2  --disk path=./${ID}/keydrive.qcow2,format=qcow2 -v --os-type=nixos-unstable --boot hd; virsh destroy --domain nixos-${ID} --video virtio; virsh undefine --domain nixos-${ID}


A  => machine-config.nix +85 -0
@@ 1,85 @@
{ config, modulesPath, pkgs, lib, ... }:
{
  imports = [  
  	<nixpkgs/nixos/modules/profiles/hardened.nix> 
  	<nixpkgs/nixos/modules/profiles/qemu-guest.nix> 
	./build.nix
	#./zfs.nix
  ];

  environment.systemPackages = with pkgs; [
	xorg.xf86videoqxl
	virglrenderer
  ];
  networking.useDHCP = true;
  services.openssh = {
  	enable = true;
    	permitRootLogin = "no";
  };
  boot = {
  	initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "virtio_balloon" "virtio_blk" "virtio_pci" "virtio_ring" ];
  	initrd.kernelModules = [ ];
	kernelModules = [ "uinput" ];
  	extraModulePackages = [ ];

  	loader.grub.enable = true;
  	loader.grub.version = 2;
  	kernelParams = [ "console=ttyS0" ];
	growPartition = true;
  	loader.grub.device = "/dev/vda";
  	initrd.luks.devices.user-luks = {
  	  device = "/dev/disk/by-label/user-luks";
  	  allowDiscards = true;
  	  keyFileSize = 4096;
  	  keyFile = "/key/user_key";
	  preLVM = false;
  	};
	#shell_on_fail = true;
	initrd.verbose = true;
  	cleanTmpDir = true;
  };
  # Work around - https://bugs.gentoo.org/829759
  #boot.kernelPackages = pkgs.linuxPackages_5_10;
  #systemd.enableEmergencyMode = true;
  networking = {
    # avoid checking if IP is already taken to boot a few seconds faster
    dhcpcd.extraConfig = "noarp";
  };

  security.auditd.enable = true;
  security.audit.enable = true;
  security.audit.rules = [
    "-a exit,always -F arch=b64 -S execve"
  ];
  #nix.allowedUsers = [ "root" ];
  nix.settings.allowed-users = [ "root" ];

  nixpkgs.config.allowUnfree = true;
  fileSystems."/" = {
    device = "/dev/disk/by-label/nixos";
    fsType = "ext4";
  };

  #fileSystems."/" = {
  #  device = "tank";
  #  fsType = "zfs";
  #};

  services.qemuGuest.enable = true;
  services.spice-vdagentd.enable = true;
  nix.settings.auto-optimise-store = true;
  virtualisation.spiceUSBRedirection.enable = true;
  users.groups = { uinput = {}; };
  services.udev.extraRules =
    ''
      KERNEL=="uinput", MODE="0660", GROUP="uinput", OPTIONS+="static_node=uinput"
    '';

  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It‘s perfectly fine and recommended to leave
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "22.05"; # Did you read the comment?
}

A  => packages/burp-pro.nix +49 -0
@@ 1,49 @@
{ lib, stdenv, fetchurl, jdk11, runtimeShell, unzip, chromium }:

# https://zimbatm.com/notes/nix-packaging-the-heretic-way
stdenv.mkDerivation rec {
  pname = "burpsuite";
  version = "2022.8.5";

  src = fetchurl {
    name = "burpsuite.jar";
    urls = [
      "https://portswigger-cdn.net/burp/releases/download?product=pro&version=${version}&type=Jar"
    ];
    sha256 = "sha256-BLX/SgHctXciOZoA6Eh4zuDJoxNSZgvoj2Teg1fV80g=";
  };

  dontUnpack = true;
  dontBuild = true;
  installPhase = ''
    runHook preInstall

    mkdir -p $out/bin
    echo '#!${runtimeShell}
    eval "$(${unzip}/bin/unzip -p ${src} chromium.properties)"
    mkdir -p "$HOME/.BurpSuite/burpbrowser/$linux64"
    ln -sf "${chromium}/bin/chromium" "$HOME/.BurpSuite/burpbrowser/$linux64/chrome"
    exec ${jdk11}/bin/java -jar ${src} "$@"' > $out/bin/burpsuite
    chmod +x $out/bin/burpsuite

    runHook postInstall
  '';
  #TODO copy `~/.java/.userPrefs/burp/prefs.xml`

  preferLocalBuild = true;

  meta = with lib; {
    description = "An integrated platform for performing security testing of web applications - Pro version";
    longDescription = ''
      Burp Suite is an integrated platform for performing security testing of web applications.
      Its various tools work seamlessly together to support the entire testing process, from
      initial mapping and analysis of an application's attack surface, through to finding and
      exploiting security vulnerabilities.
    '';
    homepage = "https://portswigger.net/burp/";
    downloadPage = "https://portswigger.net/burp/freedownload";
    sourceProvenance = with sourceTypes; [ binaryBytecode ];
    license = licenses.unfree;
    platforms = jdk11.meta.platforms;
  };
}

A  => packages/pretender.nix +19 -0
@@ 1,19 @@
{ lib, buildGoModule, fetchFromGitHub, ... }:
buildGoModule rec {
	pname = "pretender";
	version = "v1.0.0";
      	doCheck = false;

	vendorSha256 = "sha256-CpMrxAZ+7Dc1UgH+AnuGh+gpBZpLshck/1+9WJNssEk=";

	src = fetchFromGitHub {
	  rev = "v1.0.0";
	  owner = "RedTeamPentesting";
	  repo = "pretender";
	  sha256 = "sha256-JTNmebubaJQMtZm1ZGZote1qXjjiMcxSGQYPgLZXd0o=";
	};

	meta = {
	  license = lib.licenses.mit;
	};
}

A  => patches/0001-dwm-hosaka-colors.patch +87 -0
@@ 1,87 @@
From bb2ca3e3e9c6fd6dc080e9172cb041d798f6a8c1 Mon Sep 17 00:00:00 2001
From: poptart <poptart@hosakacorp.net>
Date: Tue, 11 Oct 2022 11:36:11 -0500
Subject: [PATCH] Initial style fixes for personal use

---
 config.def.h | 30 +++++++++++++-----------------
 1 file changed, 13 insertions(+), 17 deletions(-)

diff --git a/config.def.h b/config.def.h
index a2ac963..ce3ea0e 100644
--- a/config.def.h
+++ b/config.def.h
@@ -5,21 +5,19 @@ static const unsigned int borderpx  = 1;        /* border pixel of windows */
 static const unsigned int snap      = 32;       /* snap pixel */
 static const int showbar            = 1;        /* 0 means no bar */
 static const int topbar             = 1;        /* 0 means bottom bar */
-static const char *fonts[]          = { "monospace:size=10" };
-static const char dmenufont[]       = "monospace:size=10";
+static const char *fonts[]          = { "TerminessTTF Nerd Font Mono:style=Medium:size=14:antialias=true:autohint=true" };
+static const char dmenufont[]       = "TerminessTTF Nerd Font Mono:style=Medium:size=14:antialias=true:autohint=true";
 static const char col_gray1[]       = "#222222";
-static const char col_gray2[]       = "#444444";
-static const char col_gray3[]       = "#bbbbbb";
-static const char col_gray4[]       = "#eeeeee";
-static const char col_cyan[]        = "#005577";
+static const char col_green[]       = "#cee318";
+static const char col_gray2[]       = "#aaaaaa";
 static const char *colors[][3]      = {
 	/*               fg         bg         border   */
-	[SchemeNorm] = { col_gray3, col_gray1, col_gray2 },
-	[SchemeSel]  = { col_gray4, col_cyan,  col_cyan  },
+	[SchemeNorm] = { col_gray2, col_gray1, col_gray1 },
+	[SchemeSel]  = { col_green, col_gray1,  col_green  },
 };
 
 /* tagging */
-static const char *tags[] = { "1", "2", "3", "4", "5", "6", "7", "8", "9" };
+static const char *tags[] = { "一", "二", "三", "四", "五", "六", "七" };
 
 static const Rule rules[] = {
 	/* xprop(1):
@@ -28,7 +26,7 @@ static const Rule rules[] = {
 	 */
 	/* class      instance    title       tags mask     isfloating   monitor */
 	{ "Gimp",     NULL,       NULL,       0,            1,           -1 },
-	{ "Firefox",  NULL,       NULL,       1 << 8,       0,           -1 },
+	{ "Firefox",  NULL,       NULL,       1 << 2,       0,           -1 },
 };
 
 /* layout(s) */
@@ -39,9 +37,9 @@ static const int lockfullscreen = 1; /* 1 will force focus on the fullscreen win
 
 static const Layout layouts[] = {
 	/* symbol     arrange function */
-	{ "[]=",      tile },    /* first entry is default */
-	{ "><>",      NULL },    /* no layout function means floating behavior */
-	{ "[M]",      monocle },
+	{ "🞎",      tile },    /* first entry is default */
+	{ "☁ ",      NULL },    /* no layout function means floating behavior */
+	{ "ꙩ",      monocle },
 };
 
 /* key definitions */
@@ -57,8 +55,8 @@ static const Layout layouts[] = {
 
 /* commands */
 static char dmenumon[2] = "0"; /* component of dmenucmd, manipulated in spawn() */
-static const char *dmenucmd[] = { "dmenu_run", "-m", dmenumon, "-fn", dmenufont, "-nb", col_gray1, "-nf", col_gray3, "-sb", col_cyan, "-sf", col_gray4, NULL };
-static const char *termcmd[]  = { "st", NULL };
+static const char *dmenucmd[] = { "dmenu_run", "-m", dmenumon, "-fn", dmenufont, "-nb", col_gray1, "-nf", col_gray2, "-sb", col_green, "-sf", col_gray1, NULL };
+static const char *termcmd[]  = { "alacritty", NULL };
 
 static Key keys[] = {
 	/* modifier                     key        function        argument */
@@ -92,8 +90,6 @@ static Key keys[] = {
 	TAGKEYS(                        XK_5,                      4)
 	TAGKEYS(                        XK_6,                      5)
 	TAGKEYS(                        XK_7,                      6)
-	TAGKEYS(                        XK_8,                      7)
-	TAGKEYS(                        XK_9,                      8)
 	{ MODKEY|ShiftMask,             XK_q,      quit,           {0} },
 };
 
-- 
2.35.1


A  => patches/0001-st-hosaka-colors.patch +230 -0
@@ 1,230 @@
From a2f2bf1ea5453905e475b8920441c1c44c49a01f Mon Sep 17 00:00:00 2001
From: poptart <poptart@hosakacorp.net>
Date: Fri, 9 Sep 2022 14:22:05 -0500
Subject: [PATCH] Hosaka colors

---
 config.def.h |  49 +++++++++++++------------
 x.c          | 101 +++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 127 insertions(+), 23 deletions(-)

diff --git a/config.def.h b/config.def.h
index 91ab8ca..a9b985d 100644
--- a/config.def.h
+++ b/config.def.h
@@ -5,7 +5,10 @@
  *
  * font: see http://freedesktop.org/software/fontconfig/fontconfig-user.html
  */
-static char *font = "Liberation Mono:pixelsize=12:antialias=true:autohint=true";
+static char *font = "TerminessTTF Nerd Font Mono:style=Medium:size=14:antialias=true:autohint=true";
+static char *font2[] = {
+	"Symbola:style=Regular:size=14:antialias=true:autohint=true",
+};
 static int borderpx = 2;
 
 /*
@@ -53,7 +56,7 @@ int allowwindowops = 0;
  * near minlatency, but it waits longer for slow updates to avoid partial draw.
  * low minlatency will tear/flicker more, as it can "detect" idle too early.
  */
-static double minlatency = 8;
+static double minlatency = 4;
 static double maxlatency = 33;
 
 /*
@@ -91,37 +94,37 @@ char *termname = "st-256color";
  *
  *	stty tabs
  */
-unsigned int tabspaces = 8;
+unsigned int tabspaces = 4;
 
 /* Terminal colors (16 first used in escape sequence) */
 static const char *colorname[] = {
 	/* 8 normal colors */
-	"black",
-	"red3",
-	"green3",
-	"yellow3",
-	"blue2",
-	"magenta3",
-	"cyan3",
-	"gray90",
+	"#383830",
+	"#F92672",
+	"#CEE318",
+	"#F4BF75",
+	"#66D9EF",
+	"#CC6633",
+	"#A1EFE4",
+	"#F5F4F1",
 
 	/* 8 bright colors */
-	"gray50",
-	"red",
-	"green",
-	"yellow",
-	"#5c5cff",
-	"magenta",
-	"cyan",
-	"white",
+	"#272822",
+	"#FD971F",
+	"#49483E",
+	"#75715E",
+	"#A59F85",
+	"#AE81FF",
+	"#F8F8F2",
+	"#F9F8F5",
 
 	[255] = 0,
 
 	/* more colors can be added after 255 to use with DefaultXX */
-	"#cccccc",
-	"#555555",
-	"gray90", /* default foreground colour */
-	"black", /* default background colour */
+	"#AAAAAA",
+	"#666666",
+	"#AAAAAA", /* default foreground colour */
+	"#222222", /* default background colour */
 };
 
 
diff --git a/x.c b/x.c
index cd96575..6d3010d 100644
--- a/x.c
+++ b/x.c
@@ -157,6 +157,8 @@ static void xhints(void);
 static int xloadcolor(int, const char *, Color *);
 static int xloadfont(Font *, FcPattern *);
 static void xloadfonts(const char *, double);
+static int xloadsparefont(FcPattern *, int);
+static void xloadsparefonts(void);
 static void xunloadfont(Font *);
 static void xunloadfonts(void);
 static void xsetenv(void);
@@ -306,6 +308,7 @@ zoomabs(const Arg *arg)
 {
 	xunloadfonts();
 	xloadfonts(usedfont, arg->f);
+	xloadsparefonts();
 	cresize(0, 0);
 	redraw();
 	xhints();
@@ -1050,6 +1053,101 @@ xloadfonts(const char *fontstr, double fontsize)
 	FcPatternDestroy(pattern);
 }
 
+int
+xloadsparefont(FcPattern *pattern, int flags)
+{
+	FcPattern *match;
+	FcResult result;
+	
+	match = FcFontMatch(NULL, pattern, &result);
+	if (!match) {
+		return 1;
+	}
+
+	if (!(frc[frclen].font = XftFontOpenPattern(xw.dpy, match))) {
+		FcPatternDestroy(match);
+		return 1;
+	}
+
+	frc[frclen].flags = flags;
+	/* Believe U+0000 glyph will present in each default font */
+	frc[frclen].unicodep = 0;
+	frclen++;
+
+	return 0;
+}
+
+void
+xloadsparefonts(void)
+{
+	FcPattern *pattern;
+	double sizeshift, fontval;
+	int fc;
+	char **fp;
+
+	if (frclen != 0)
+		die("can't embed spare fonts. cache isn't empty");
+
+	/* Calculate count of spare fonts */
+	fc = sizeof(font2) / sizeof(*font2);
+	if (fc == 0)
+		return;
+
+	/* Allocate memory for cache entries. */
+	if (frccap < 4 * fc) {
+		frccap += 4 * fc - frccap;
+		frc = xrealloc(frc, frccap * sizeof(Fontcache));
+	}
+
+	for (fp = font2; fp - font2 < fc; ++fp) {
+	
+		if (**fp == '-')
+			pattern = XftXlfdParse(*fp, False, False);
+		else
+			pattern = FcNameParse((FcChar8 *)*fp);
+	
+		if (!pattern)
+			die("can't open spare font %s\n", *fp);
+	   		
+		if (defaultfontsize > 0) {
+			sizeshift = usedfontsize - defaultfontsize;
+			if (sizeshift != 0 &&
+					FcPatternGetDouble(pattern, FC_PIXEL_SIZE, 0, &fontval) ==
+					FcResultMatch) {	
+				fontval += sizeshift;
+				FcPatternDel(pattern, FC_PIXEL_SIZE);
+				FcPatternDel(pattern, FC_SIZE);
+				FcPatternAddDouble(pattern, FC_PIXEL_SIZE, fontval);
+			}
+		}
+	
+		FcPatternAddBool(pattern, FC_SCALABLE, 1);
+	
+		FcConfigSubstitute(NULL, pattern, FcMatchPattern);
+		XftDefaultSubstitute(xw.dpy, xw.scr, pattern);
+	
+		if (xloadsparefont(pattern, FRC_NORMAL))
+			die("can't open spare font %s\n", *fp);
+	
+		FcPatternDel(pattern, FC_SLANT);
+		FcPatternAddInteger(pattern, FC_SLANT, FC_SLANT_ITALIC);
+		if (xloadsparefont(pattern, FRC_ITALIC))
+			die("can't open spare font %s\n", *fp);
+			
+		FcPatternDel(pattern, FC_WEIGHT);
+		FcPatternAddInteger(pattern, FC_WEIGHT, FC_WEIGHT_BOLD);
+		if (xloadsparefont(pattern, FRC_ITALICBOLD))
+			die("can't open spare font %s\n", *fp);
+	
+		FcPatternDel(pattern, FC_SLANT);
+		FcPatternAddInteger(pattern, FC_SLANT, FC_SLANT_ROMAN);
+		if (xloadsparefont(pattern, FRC_BOLD))
+			die("can't open spare font %s\n", *fp);
+	
+		FcPatternDestroy(pattern);
+	}
+}
+
 void
 xunloadfont(Font *f)
 {
@@ -1147,6 +1245,9 @@ xinit(int cols, int rows)
 	usedfont = (opt_font == NULL)? font : opt_font;
 	xloadfonts(usedfont, 0);
 
+	/* spare fonts */
+	xloadsparefonts();
+
 	/* colors */
 	xw.cmap = XDefaultColormap(xw.dpy, xw.scr);
 	xloadcols();
-- 
2.35.1


A  => profiles/debug.nix +12 -0
@@ 1,12 @@
{ config, modulesPath, pkgs, lib, ... }:
{
	environment.systemPackages = with pkgs; [
	
	];

	#networking.firewall = {
  	#	enable = true;
  	#	allowedTCPPorts = [ ];
  	#	allowedUDPPortRanges = [ ];
	#};
}

A  => profiles/hosaka.nix +101 -0
@@ 1,101 @@
{ config, lib, pkgs, ... }:
let
hosaka = {
    colors = {
      green = "#cee318";
      gray = "#222222";
    };
  };
in
{
  imports = [ ./pentest.nix ]; 
  time.timeZone = "America/Denver";
  #services.xserver.videoDrivers = [ "qxl" ];
  services.xserver = {
    enable = true;
    desktopManager = {
      xterm.enable = false;
      xfce.enable = true;
    };
    windowManager.dwm.enable = true;
    displayManager.defaultSession = "none+dwm";
  };

  nixpkgs.overlays = [
    (self: super: {
      dwm = super.dwm.overrideAttrs (oldAttrs: rec {
        patches = [
          ../patches/0001-dwm-hosaka-colors.patch
        ];
      });
    })
  ];
  services.xserver.displayManager.lightdm.background = hosaka.colors.gray;
  services.xserver.displayManager.lightdm.greeters.gtk.theme.package = pkgs.numix-gtk-theme;
  services.xserver.displayManager.lightdm.greeters.gtk.theme.name = "Numix Dark";
  hardware.cpu.intel.updateMicrocode = true;
  services.xserver.libinput.enable = true;
  qt5.enable = true;
  qt5.platformTheme = "gtk2";
  qt5.style = "gtk2";
  environment.systemPackages = with pkgs; [
    git
      (neovim.override {
        vimAlias = true;
        #configure = {
        #  packages = [
        #    vim-nix
        #    vim-sensible
        #    vim-plug
        #  ];
        #customRC = (builtins.readFile ./nvim/init.vim);
        #};
    })
    (st.overrideAttrs (oldAttrs: rec {
      patches = [
        ../patches/0001-st-hosaka-colors.patch
      ];
    }))
    tree-sitter
    vimPlugins.nvim-treesitter
    pciutils
    symbola
    tmux
    dmenu
    numix-gtk-theme
    numix-icon-theme
    xlockmore
    lxrandr
    alacritty
  ];
  fonts.fonts = with pkgs; [
    (nerdfonts.override { fonts = [ "Terminus" ]; })
    symbola
  ];

  services.xserver.xautolock.locker = "${pkgs.xlockmore}/bin/xlock -fg '${hosaka.colors.green}' -bg '${hosaka.colors.gray}' -dpmsoff 30 -mode blank";
  services.xserver.xautolock.enable = true;
  services.xserver.xautolock.time = 30;
  services.xserver.xautolock.extraOptions = [
    "-secure"
  ];
  # Enable CUPS to print documents.
  # services.printing.enable = true;

  # Selecting users from a dropdown is bad defaults. This requires overriding the XFCE defaults
  #services.accounts-daemon.enable = pkgs.lib.mkForce false;
  sound.enable = true;
  hardware.pulseaudio.enable = true;
  environment.etc = {
    "xdg/user-dirs.defaults".text = ''
      DESKTOP=doc
      DOWNLOAD=dl
      TEMPLATES=doc/tmpl
      PUBLICSHARE=doc/pub
      DOCUMENTS=doc
      MUSIC=doc/music
      PICTURES=doc/pic
      VIDEOS=doc/video
    '';
  };
}

A  => profiles/kali-default.nix +41 -0
@@ 1,41 @@
{ config, modulesPath, pkgs, lib, ... }:
{
	imports = [ 
		./kali/kali-tools-top10.nix 
		./kali/kali-linux-core.nix
		./kali/kali-linux-default.nix
		#./kali/kali-linux-headless.nix
	
	];
	environment.systemPackages = with pkgs; [
		git
		curl
		gnupg
		restic
		gocryptfs
		#kali base
		cifs-utils
		netkittftp
		#iw
		#lvm2
		mlocate
		#libressl
		nfs-utils
		openssh
		openvpn
		p7zip
		parted
		#rfkill
		samba
		net-snmp
		sudo
		tcpdump
		#testdisk
		#netkit-tftp
		#tightvnc
		tmux
		unrar
		vim
		whois
	];
}

A  => profiles/kali-xfce.nix +75 -0
@@ 1,75 @@
{ config, modulesPath, pkgs, lib, ... }:
{
	imports = [ 
		./kali-default.nix 
	];
	environment.systemPackages = with pkgs; [
		# kali-desktop-core
		haveged
		noto-fonts
		noto-fonts-emoji
		firefox
		xdg-utils
		fuse3
		orca

		# kali-desktop-xfce
		alacritty
		qt5ct
		xfce.ristretto
		xfce.parole
		mate.engrampa
		xfce.thunar-archive-plugin
		xfce.mousepad
		mate.mate-calc
		mate.atril
		xfce.xfce4-taskmanager
		networkmanagerapplet
		xcape
		xfce.xfce4-cpugraph-plugin
		xfce.xfce4-genmon-plugin
		xfce.xfce4-power-manager
		xfce.xfce4-screenshooter
		xfce.xfce4-whiskermenu-plugin
		polkit_gnome
		blueman
		xfce.catfish
		gvfs
		libcanberra
		networkmanager-fortisslvpn
		networkmanager-l2tp
		networkmanager-openconnect
		# missing pptp
		networkmanager-openvpn
		networkmanager-vpnc
		onboard
		xfce.xfce4-battery-plugin
 		xfce.xfce4-clipman-plugin
 		xfce.xfce4-cpufreq-plugin
 		xfce.xfce4-datetime-plugin
 		#xfce.xfce4-hardware-monitor-plugin
 		xfce.xfce4-fsguard-plugin
 		xfce.xfce4-netload-plugin
 		#xfce.xfce4-places-plugin
 		xfce.xfce4-sensors-plugin
 		xfce.xfce4-systemload-plugin
 		xfce.xfce4-timer-plugin
 		xfce.xfce4-verve-plugin
 		#xfce.xfce4-wavelan-plugin
 		xfce.xfce4-xkb-plugin
	];
  	services.xserver = {
  	  enable = true;
  	  desktopManager = {
  	    xterm.enable = false;
  	    xfce.enable = true;
  	  };
	  displayManager.defaultSession = "xfce";
	  libinput.enable = true;
  	};
  	qt5.enable = true;
  	qt5.platformTheme = "gtk2";
  	qt5.style = "gtk2";
  	sound.enable = true;
  	hardware.pulseaudio.enable = true;
}

A  => profiles/kali/README.md +38 -0
@@ 1,38 @@
`ptvm` allows for the import of a subset of the Kali meta-packages. Each one is incomplete to a certain degree, but adding `imports = [ ./kali/kali-tools-top10.nix ./kali/kali-tools-fuzzing ];` as a profile variable will import all available metadata packages. The following imports are available: 

* [kali-linux-core](kali-linux-core.nix)
* [kali-linux-default](kali-linux-default.nix)
* [kali-linux-everything](kali-linux-everything.nix)
* [kali-linux-headless](kali-linux-headless.nix)
* [kali-linux-labs](kali-linux-labs.nix)
* [kali-linux-large](kali-linux-large.nix)
* [kali-tools-802-11](kali-tools-802-11.nix)
* [kali-tools-bluetooth](kali-tools-bluetooth.nix)
* [kali-tools-crypto-stego](kali-tools-crypto-stego.nix)
* [kali-tools-database](kali-tools-database.nix)
* [kali-tools-exploitation](kali-tools-exploitation.nix)
* [kali-tools-forensics](kali-tools-forensics.nix)
* [kali-tools-fuzzing](kali-tools-fuzzing.nix)
* [kali-tools-gpu](kali-tools-gpu.nix)
* [kali-tools-hardware](kali-tools-hardware.nix)
* [kali-tools-information-gathering](kali-tools-information-gathering.nix)
* [kali-tools-passwords](kali-tools-passwords.nix)
* [kali-tools-post-exploitation](kali-tools-post-exploitation.nix)
* [kali-tools-reporting](kali-tools-reporting.nix)
* [kali-tools-reverse-engineering](kali-tools-reverse-engineering.nix)
* [kali-tools-rfid](kali-tools-rfid.nix)
* [kali-tools-sdr](kali-tools-sdr.nix)
* [kali-tools-sniffing-spoofing](kali-tools-sniffing-spoofing.nix)
* [kali-tools-social-engineering](kali-tools-social-engineering.nix)
* [kali-tools-top10](kali-tools-top10.nix)
* [kali-tools-voip](kali-tools-voip.nix)
* [kali-tools-vulnerability](kali-tools-vulnerability.nix)
* [kali-tools-web](kali-tools-web.nix)
* [kali-tools-windows-resources](kali-tools-windows-resources.nix)
* [kali-tools-wireless](kali-tools-wireless.nix)

## Generator

Each of these is generated via `util/gen-list.sh`, which parses the Kali metadata package definitions and does a `nix search` for an exact match package name and then generates a `.nix` file containing the `systemPackages` definitions.

Each of these is marked with a `# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING` and it is suggested that the metapackage definition manually be checked with a less strict search and packages that were missing but have differently named `nixpkgs` should be added and the warning removed.

A  => profiles/kali/kali-linux-core.nix +34 -0
@@ 1,34 @@
{pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# kali-defaults
		# ftp
		# netcat-traditional
		# openssh-client
		# openssh-server
		# parted
		parted 
		# sudo
		sudo 
		# tasksel
		# tcpdump
		tcpdump 
		# tmux
		tmux 
		# vim-tiny
		# vim
		vim 
		# vim-nox
		# zsh
		zsh 
		# zsh-autosuggestions
		zsh-autosuggestions 
		# zsh-syntax-highlighting
		zsh-syntax-highlighting 
		# git
		git 
		# command-not-found
		# kali-tweaks
	];
}

A  => profiles/kali/kali-linux-default.nix +31 -0
@@ 1,31 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# kali-linux-headless
		# kali-tools-top10
		# autopsy
		# cutycapt
		# dirbuster
		# faraday
		faraday 
		# fern-wifi-cracker
		# guymager
		# hydra-gtk
		# king-phisher
		# legion
		# ophcrack
		# ophcrack-cli
		# cherrytree
		cherrytree 
		# gparted
		gparted 
		# rdesktop
		rdesktop 
		# recordmydesktop
		# sqlitebrowser
		sqlitebrowser 
		# tightvncserver
		# xtightvncviewer
	];
}
\ No newline at end of file

A  => profiles/kali/kali-linux-everything.nix +250 -0
@@ 1,250 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# kali-linux-core
		# kali-linux-default
		# kali-linux-arm
		# kali-tools-top10
		# kali-linux-headless
		# kali-linux-large
		# kali-tools-802-11
		# kali-tools-bluetooth
		# kali-tools-database
		# kali-tools-exploitation
		# kali-tools-forensics
		# kali-tools-fuzzing
		# kali-tools-information-gathering
		# kali-tools-vulnerability
		# kali-tools-web
		# kali-tools-database
		# kali-tools-passwords
		# kali-tools-wireless
		# kali-tools-reverse-engineering
		# kali-tools-exploitation
		# kali-tools-social-engineering
		# kali-tools-sniffing-spoofing
		# kali-tools-post-exploitation
		# kali-tools-forensics
		# kali-tools-reporting
		# kali-tools-802-11
		# kali-tools-bluetooth
		# kali-tools-crypto-stego
		# kali-tools-fuzzing
		# kali-tools-gpu
		# kali-tools-hardware
		# kali-tools-rfid
		# kali-tools-sdr
		# kali-tools-voip
		# kali-tools-windows-resources
		# airgeddon
		airgeddon 
		# altdns
		# apple-bleee
		# arjun
		# assetfinder
		# b374k
		# berate-ap
		# bettercap-ui
		# bing-ip2hosts
		# bloodhound
		# bruteforce-salted-openssl
		# bruteforce-wallet
		# bruteshark
		# brutespray
		brutespray 
		# capstone-tool
		# certgraph
		certgraph 
		# changeme
		# chaosreader
		# chisel
		chisel 
		# cloudbrute
		cloudbrute 
		# cloud-enum
		# cmseek
		# cntlm
		cntlm 
		# colly
		# crack
		# crowbar
		crowbar 
		# cupid-hostapd
		# cupid-wpasupplicant
		# de4dot
		# defectdojo
		# dirsearch
		# dislocker
		dislocker 
		# dnscat2
		# dnsgen
		# dnstwist
		dnstwist 
		# dnsx
		dnsx 
		# dscan
		# dufflebag
		# dumpsterdiver
		# dwarf2json
		dwarf2json 
		# eaphammer
		# email2phonenumber
		# emailharvester
		# evil-ssdp
		# exploitdb-bin-sploits
		# exploitdb-papers
		# faraday-agent-dispatcher
		faraday-agent-dispatcher 
		# faraday-cli
		faraday-cli 
		# feroxbuster
		feroxbuster 
		# finalrecon
		# freeradius
		freeradius 
		# gdb-peda
		# getallurls
		# gitleaks
		gitleaks 
		# godoh
		# golang-github-binject-go-donut
		# goldeneye
		# goofile
		# google-nexus-tools
		# gospider
		gospider 
		# gtkhash
		# hashrat
		# hb-honeypot
		# hcxtools
		hcxtools 
		# hostapd-mana
		hostapd-mana 
		# hosthunter
		# hostsman
		# htshells
		# httprobe
		# httpx-toolkit
		# hurl
		hurl 
		# ibombshell
		# ident-user-enum
		# inspy
		# instaloader
		instaloader 
		# ipv6-toolkit
		# ismtp
		# ivre
		# joplin
		joplin 
		# jsp-file-browser
		# kerberoast
		# knocker
		# koadic
		# lapsdumper
		# linux-exploit-suggester
		linux-exploit-suggester 
		# maltego-teeth
		# maryam
		# massdns
		# merlin-agent
		# merlin-server
		# mongo-tools
		# multiforcer
		# naabu
		naabu 
		# name-that-hash
		# nbtscan-unixwiz
		# nextnet
		# nmapsi4
		nmapsi4 
		# nuclei
		nuclei 
		# odat
		# o-saft
		# osrframework
		# owl
		owl 
		# pacu
		# parsero
		parsero 
		# payloadsallthethings
		# peirates
		# phishery
		# photon
		photon 
		# phpggc
		# phpsploit
		# pnscan
		# pocsuite3
		# pompem
		# poshc2
		# princeprocessor
		# prism
		prism 
		# proxify
		proxify 
		# proxmark3
		proxmark3 
		# pskracker
		# pwncat
		pwncat 
		# quark-engine
		quark-engine 
		# redsnarf
		# rev-proxy-grapher
		# ridenum
		# robotstxt
		# ropper
		# routerkeygenpc
		# routersploit
		routersploit 
		# ruby-pedump
		# s3scanner
		# sentrypeer
		# shed
		# shellfire
		# sherlock
		sherlock 
		# silenttrinity
		# sliver
		# snmpenum
		# snowdrop
		# sparrow-wifi
		# spray
		# sprayingtoolkit
		# spraykatz
		# sslstrip
		# stegcracker
		# subfinder
		subfinder 
		# subjack
		# sublist3r
		# teamsploit
		# testssl.sh
		# trufflehog
		trufflehog 
		# tundeep
		# unhide.rb
		# unicorn-magic
		# websploit
		websploit 
		# wgetpaste
		wgetpaste 
		# whatmask
		# wifiphisher
		# wifipumpkin3
		# wig
		# wig-ng
		# witnessme
		# wmi-client
		# wordlistraider
		# wotmate
		# wpa-sycophant
		# zonedb
		# android-sdk
		# kali-community-wallpapers
		# kali-legacy-wallpapers
	];
}
\ No newline at end of file

A  => profiles/kali/kali-linux-headless.nix +309 -0
@@ 1,309 @@
{ pkgs, ... }:
let
  unstable = import <nixos-unstable> {};
in
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# kali-linux-core
		# aircrack-ng
		aircrack-ng 
		# amass
		amass 
		# arp-scan
		arp-scan 
		# arping
		arping 
		# iputils-arping
		# binwalk
		binwalk 
		# bluez
		bluez 
		# bluez-hcidump
		# bulk-extractor
		# bully
		bully 
		# cadaver
		cadaver 
		# cewl
		cewl 
		# chntpw
		chntpw 
		# commix
		unstable.commix 
		# crackmapexec
		unstable.crackmapexec 
		# creddump7
		# crunch
		crunch 
		# cryptcat
		# davtest
		davtest 
		# dbd
		# dirb
		dirb 
		# dmitry
		# dns2tcp
		# dnschef
		dnschef 
		# dnsenum
		dnsenum 
		# dnsrecon
		dnsrecon 
		# enum4linux
		enum4linux 
		# evil-winrm
		evil-winrm 
		# exe2hexbat
		# exiv2
		exiv2 
		# exploitdb
		exploitdb 
		# ffuf
		ffuf 
		# fierce
		fierce 
		# fping
		fping 
		# gpp-decrypt
		# hash-identifier
		hash-identifier 
		# hashcat
		hashcat 
		# hashcat-utils
		hashcat-utils 
		# hashid
		# hping3
		# hydra
		# i2c-tools
		i2c-tools 
		# ike-scan
		ike-scan 
		# impacket-scripts
		# inetsim
		# iodine
		iodine 
		# john
		john 
		# kismet
		kismet 
		# laudanum
		# lbd
		# macchanger
		macchanger 
		# magicrescue
		# maskprocessor
		# masscan
		masscan 
		# metasploit-framework
		# mimikatz
		# mitmproxy
		mitmproxy 
		# msfpc
		msfpc 
		# nasm
		nasm 
		# nbtscan
		# ncrack
		ncrack 
		# ncurses-hexedit
		# netdiscover
		netdiscover 
		# netsed
		# nfs-common
		# nikto
		nikto 
		# nmap
		nmap 
		# onesixtyone
		onesixtyone 
		# passing-the-hash
		# patator
		# pdf-parser
		pdf-parser 
		# pdfid
		# pipal
		# pixiewps
		pixiewps 
		# powershell-empire
		# powersploit
		# proxychains4
		# proxytunnel
		# ptunnel
		# python-is-python3
		# python3-impacket
		# python3-scapy
		# qsslcaudit
		# radare2
		radare2 
		# reaver
		# rebind
		# recon-ng
		# redsocks
		redsocks 
		# responder
		# rsmangler
		# samdump2
		# sbd
		# scalpel
		# scrounge-ntfs
		# set
		# skipfish
		# sleuthkit
		sleuthkit 
		# smbmap
		# snmpcheck
		snmpcheck 
		# spiderfoot
		# spike
		spike 
		# spooftooph
		# sqlmap
		sqlmap 
		# ssldump
		ssldump 
		# sslscan
		sslscan 
		# sslsplit
		sslsplit 
		# sslyze
		# statsprocessor
		# thc-ipv6
		thc-ipv6 
		# thc-pptp-bruter
		# theharvester
		theharvester 
		# udptunnel
		udptunnel 
		# unix-privesc-check
		# voiphopper
		# wafw00f
		wafw00f 
		# wce
		# webshells
		# weevely
		# wfuzz
		wfuzz 
		# whatweb
		whatweb 
		# wifite
		# windows-binaries
		# winexe
		# wordlists
		# wpscan
		wpscan 
		# python3-pip
		# python3-virtualenv
		# apache2
		# atftpd
		# axel
		axel 
		# bind9-dnsutils
		# cifs-utils
		cifs-utils 
		# clang
		clang 
		# cryptsetup
		cryptsetup 
		# cryptsetup-initramfs
		# cryptsetup-nuke-password
		# curlftpfs
		curlftpfs 
		# default-mysql-server
		# dos2unix
		dos2unix 
		# ethtool
		ethtool 
		# expect
		expect 
		# gdisk
		# git
		git 
		# hashdeep
		hashdeep 
		# hotpatch
		hotpatch 
		# ifenslave
		ifenslave 
		# iw
		iw 
		# libimage-exiftool-perl
		# minicom
		minicom 
		# miredo
		miredo 
		# multimac
		# netmask
		netmask 
		# netsniff-ng
		netsniff-ng 
		# ngrep
		ngrep 
		# openvpn
		openvpn 
		# p7zip-full
		# php
		php 
		# php-mysql
		# plocate
		plocate 
		# mlocate
		mlocate 
		# powershell
		powershell 
		# pwnat
		pwnat 
		# rake
		rake 
		# rfkill
		# sakis3g
		# samba
		samba 
		# screen
		screen 
		# sendemail
		# snmp
		# snmpd
		# socat
		socat 
		# sslh
		sslh 
		# stunnel4
		# swaks
		swaks 
		# tcpick
		# tcpreplay
		tcpreplay 
		# telnet
		# testdisk
		testdisk 
		# tftp
		# traceroute
		traceroute 
		# unrar
		unrar 
		# unar
		unar 
		# upx-ucl
		# vboot-kernel-utils
		# vboot-utils
		# vim
		vim 
		# vim-nox
		# vlan
		vlan 
		# vpnc
		vpnc 
		# whois
		whois 
		# fuse3
		fuse3 
		# kali-linux-firmware
		# python3-requests
		# python2
		python2 
		# offsec-awae-python2
		# gss-ntlmssp
		# netbase
	];
}

A  => profiles/kali/kali-linux-labs.nix +8 -0
@@ 1,8 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# dvwa
		# juice-shop
	];
}
\ No newline at end of file

A  => profiles/kali/kali-linux-large.nix +235 -0
@@ 1,235 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# kali-linux-core
		# kali-linux-default
		# 0trace
		# afflib-tools
		# amap
		# apache-users
		# apktool
		apktool 
		# armitage
		# arpwatch
		# asleap
		asleap 
		# backdoor-factory
		# bed
		# beef-xss
		# bluelog
		# blueranger
		# bluesnarfer
		# braa
		# btscanner
		# bytecode-viewer
		# cabextract
		cabextract 
		# caldera
		# certipy-ad
		# chirp
		chirp 
		# cisco-auditing-tool
		# cisco-global-exploiter
		# cisco-ocs
		# cisco-torch
		# cloud-enum
		# cmospwd
		# code-oss
		# copy-router-config
		# cowpatty
		cowpatty 
		# cymothoa
		# darkstat
		darkstat 
		# dbeaver
		dbeaver 
		# dc3dd
		# dcfldd
		dcfldd 
		# ddrescue
		ddrescue 
		# dex2jar
		dex2jar 
		# dhcpig
		# dnsmap
		# dnstracer
		dnstracer 
		# dnswalk
		# doona
		doona 
		# dotdotpwn
		# dradis
		# driftnet
		driftnet 
		# dsniff
		dsniff 
		# dumpzilla
		# eapmd5pass
		# enumiax
		# ettercap-graphical
		# ettercap-text-only
		# ewf-tools
		# extundelete
		extundelete 
		# fcrackzip
		fcrackzip 
		# ferret-sidejack
		# fiked
		# foremost
		foremost 
		# fragrouter
		# framework2
		# ftester
		# galleta
		# ghidra
		ghidra 
		# gobuster
		gobuster 
		# hackrf
		hackrf 
		# hamster-sidejack
		# hexinject
		# httrack
		httrack 
		# iaxflood
		# intrace
		# inviteflood
		# irpas
		# jadx
		jadx 
		# javasnoop
		# jboss-autopwn
		# johnny
		# joomscan
		# jsql-injection
		# kismet-logtools
		# libfindrtp
		# libfreefare-bin
		# libhivex-bin
		# libnfc-bin
		# lynis
		lynis 
		# maltego
		# mdbtools
		mdbtools 
		# mdk3
		# medusa
		medusa 
		# memdump
		# mercurial
		mercurial 
		# mfcuk
		mfcuk 
		# mfoc
		mfoc 
		# mfterm
		# missidentify
		# ncat-w32
		# netwag
		# nipper-ng
		# nishang
		# ohrwurm
		# ollydbg
		# oscanner
		# p0f
		p0f 
		# pack
		# padbuster
		padbuster 
		# paros
		# pasco
		# perl-cisco-copyconfig
		# pev
		pev 
		# photon
		photon 
		# plecost
		plecost 
		# polenum
		# protos-sip
		# pst-utils
		# rainbowcrack
		# rcracki-mt
		# recoverjpeg
		recoverjpeg 
		# recstudio
		# redfang
		redfang 
		# reglookup
		# regripper
		# rifiuti
		# rifiuti2
		# rtpbreak
		# rtpflood
		# rtpinsertsound
		# rtpmixsound
		# safecopy
		safecopy 
		# sctpscan
		# seclists
		# sfuzz
		# sidguesser
		# siege
		siege 
		# siparmyknife
		# sipcrack
		# sipp
		sipp 
		# sipvicious
		sipvicious 
		# smali
		# smtp-user-enum
		# sniffjoke
		# spectools
		# sqldict
		# sqlninja
		# sqlsus
		# sslsniff
		# starkiller
		# subversion
		subversion 
		# sucrack
		# t50
		# termineter
		# tftpd32
		# thc-ssl-dos
		# tlssled
		# tnscmd10g
		# truecrack
		truecrack 
		# twofi
		# unicornscan
		# uniscan
		# urlcrazy
		# vinetto
		# wapiti
		wapiti 
		# webacoo
		# webscarab
		# wifi-honey
		# xspy
		# xsser
		xsser 
		# yersinia
		yersinia 
		# zaproxy
		# zim
		zim 
		# cgpt
		# chkrootkit
		chkrootkit 
		# edb-debugger
		# gdb
		gdb 
		# mc
		mc 
		# tcpflow
		tcpflow 
		# vim-gtk3
		# zerofree
		zerofree 
		# chromium
		chromium 
	];
}
\ No newline at end of file

A  => profiles/kali/kali-tools-802-11.nix +36 -0
@@ 1,36 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# aircrack-ng
		aircrack-ng 
		# airgeddon
		airgeddon 
		# asleap
		asleap 
		# bully
		bully 
		# cowpatty
		cowpatty 
		# eapmd5pass
		# fern-wifi-cracker
		# freeradius-wpe
		# hashcat
		hashcat 
		# hostapd-wpe
		# iw
		iw 
		# kismet
		kismet 
		# macchanger
		macchanger 
		# mdk3
		# mdk4
		mdk4 
		# pixiewps
		pixiewps 
		# reaver
		# wifi-honey
		# wifite
	];
}
\ No newline at end of file

A  => profiles/kali/kali-tools-bluetooth.nix +20 -0
@@ 1,20 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# bluelog
		# blueranger
		# bluesnarfer
		# bluez
		bluez 
		# bluez-hcidump
		# btscanner
		# crackle
		crackle 
		# redfang
		redfang 
		# spooftooph
		# ubertooth
		ubertooth 
	];
}
\ No newline at end of file

A  => profiles/kali/kali-tools-crypto-stego.nix +15 -0
@@ 1,15 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# aesfix
		aesfix 
		# aeskeyfind
		aeskeyfind 
		# ccrypt
		ccrypt 
		# outguess
		# steghide
		# stegsnow
	];
}
\ No newline at end of file

A  => profiles/kali/kali-tools-database.nix +19 -0
@@ 1,19 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# jsql-injection
		# mdbtools
		mdbtools 
		# oscanner
		# sidguesser
		# sqldict
		# sqlitebrowser
		sqlitebrowser 
		# sqlmap
		sqlmap 
		# sqlninja
		# sqlsus
		# tnscmd10g
	];
}
\ No newline at end of file

A  => profiles/kali/kali-tools-exploitation.nix +19 -0
@@ 1,19 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# armitage
		# beef-xss
		# exploitdb
		exploitdb 
		# metasploit-framework
		# msfpc
		msfpc 
		# set
		# shellnoob
		shellnoob 
		# sqlmap
		sqlmap 
		# termineter
	];
}
\ No newline at end of file

A  => profiles/kali/kali-tools-forensics.nix +146 -0
@@ 1,146 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# afflib-tools
		# apktool
		apktool 
		# autopsy
		# binwalk
		binwalk 
		# bulk-extractor
		# bytecode-viewer
		# cabextract
		cabextract 
		# chkrootkit
		chkrootkit 
		# creddump7
		# dc3dd
		# dcfldd
		dcfldd 
		# ddrescue
		ddrescue 
		# dumpzilla
		# edb-debugger
		# ewf-tools
		# exifprobe
		exifprobe 
		# exiv2
		exiv2 
		# ext3grep
		# ext4magic
		ext4magic 
		# extundelete
		extundelete 
		# fcrackzip
		fcrackzip 
		# firmware-mod-kit
		# foremost
		foremost 
		# forensic-artifacts
		# forensics-colorize
		# galleta
		# gdb
		gdb 
		# gpart
		gpart 
		# gparted
		gparted 
		# grokevt
		# guymager
		# hashdeep
		hashdeep 
		# inetsim
		# jadx
		jadx 
		# javasnoop
		# libhivex-bin
		# lime-forensics
		# lvm2
		lvm2 
		# lynis
		lynis 
		# mac-robber
		# magicrescue
		# md5deep
		# mdbtools
		mdbtools 
		# memdump
		# metacam
		# missidentify
		# myrescue
		# nasm
		nasm 
		# nasty
		nasty 
		# ollydbg
		# p7zip-full
		# parted
		parted 
		# pasco
		# pdfid
		# pdf-parser
		pdf-parser 
		# pev
		pev 
		# plaso
		# polenum
		# pst-utils
		# python3-capstone
		# python3-dfdatetime
		# python3-dfvfs
		# python3-dfwinreg
		# python3-distorm3
		# radare2
		radare2 
		# recoverdm
		# recoverjpeg
		recoverjpeg 
		# recstudio
		# reglookup
		# regripper
		# rephrase
		# rifiuti
		# rifiuti2
		# rizin-cutter
		# rkhunter
		# rsakeyfind
		# safecopy
		safecopy 
		# samdump2
		# scalpel
		# scrounge-ntfs
		# sleuthkit
		sleuthkit 
		# smali
		# sqlitebrowser
		sqlitebrowser 
		# ssdeep
		ssdeep 
		# tcpdump
		tcpdump 
		# tcpflow
		tcpflow 
		# tcpick
		# tcpreplay
		tcpreplay 
		# truecrack
		truecrack 
		# undbx
		# unhide
		# unrar
		unrar 
		# unar
		unar 
		# upx-ucl
		# vinetto
		# wce
		# winregfs
		# wireshark
		wireshark 
		# xmount
		# xplico
		# yara
		yara 
	];
}
\ No newline at end of file

A  => profiles/kali/kali-tools-fuzzing.nix +13 -0
@@ 1,13 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# afl++
		afl 
		# sfuzz
		# spike
		spike 
		# wfuzz
		wfuzz 
	];
}
\ No newline at end of file

A  => profiles/kali/kali-tools-gpu.nix +9 -0
@@ 1,9 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# oclgausscrack
		# truecrack
		truecrack 
	];
}
\ No newline at end of file

A  => profiles/kali/kali-tools-hardware.nix +21 -0
@@ 1,21 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# binwalk
		binwalk 
		# cutecom
		cutecom 
		# flashrom
		flashrom 
		# minicom
		minicom 
		# openocd
		openocd 
		# qemu-system-x86
		# qemu-user
		# radare2
		radare2 
		# rizin-cutter
	];
}
\ No newline at end of file

A  => profiles/kali/kali-tools-information-gathering.nix +53 -0
@@ 1,53 @@
{ pkgs, ... }:
{
	environment.systemPackages = with pkgs; [
                # 0trace
                arping
                # braa
                # dmitry
                dnsenum
                # dnsmap
                dnsrecon
                dnstracer
                # dnswalk
                enum4linux-ng
                fierce
                # firewalk
                fping
                # fragrouter
                # ftester
                hping
                ike-scan
                # intrace
                # irpas
                # lbd
                # legion
                # maltego
                masscan
                # metagoofil
                # nbtscan
                # ncat
                netdiscover
                netmask
                nmap
                onesixtyone
                p0f
                # qsslcaudit
                # recon-ng
                # smbmap
                # smtp-user-enum
                snmpcheck
                ssldump
                sslh
                sslscan
                # sslyze
                swaks
                thc-ipv6
                theharvester
                # tlssled
                # twofi
                # unicornscan
                # urlcrazy
                wafw00f
	];
}

A  => profiles/kali/kali-tools-passwords.nix +70 -0
@@ 1,70 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# kali-tools-gpu
		# cewl
		cewl 
		# chntpw
		chntpw 
		# cisco-auditing-tool
		# cmospwd
		# crackle
		crackle 
		# creddump7
		# crunch
		crunch 
		# fcrackzip
		fcrackzip 
		# freerdp2-x11
		# gpp-decrypt
		# hash-identifier
		hash-identifier 
		# hashcat
		hashcat 
		# hashcat-utils
		hashcat-utils 
		# hashid
		# hydra
		# hydra-gtk
		# john
		john 
		# johnny
		# maskprocessor
		# medusa
		medusa 
		# mimikatz
		# ncrack
		ncrack 
		# onesixtyone
		onesixtyone 
		# ophcrack
		# ophcrack-cli
		# pack
		# passing-the-hash
		# patator
		# pdfcrack
		pdfcrack 
		# pipal
		# polenum
		# rainbowcrack
		# rarcrack
		rarcrack 
		# rcracki-mt
		# rsmangler
		# samdump2
		# seclists
		# sipcrack
		# sipvicious
		sipvicious 
		# smbmap
		# sqldict
		# statsprocessor
		# sucrack
		# thc-pptp-bruter
		# truecrack
		truecrack 
		# twofi
		# wordlists
	];
}
\ No newline at end of file

A  => profiles/kali/kali-tools-post-exploitation.nix +34 -0
@@ 1,34 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# backdoor-factory
		# cymothoa
		# dbd
		# dns2tcp
		# exe2hexbat
		# iodine
		iodine 
		# laudanum
		# mimikatz
		# miredo
		miredo 
		# nishang
		# powersploit
		# proxychains4
		# proxytunnel
		# ptunnel
		# pwnat
		pwnat 
		# sbd
		# shellter
		# sslh
		sslh 
		# stunnel4
		# udptunnel
		udptunnel 
		# veil
		# webacoo
		# weevely
	];
}
\ No newline at end of file

A  => profiles/kali/kali-tools-reporting.nix +15 -0
@@ 1,15 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# cutycapt
		# dradis
		# eyewitness
		# faraday
		faraday 
		# maltego
		# metagoofil
		# pipal
		# recordmydesktop
	];
}
\ No newline at end of file

A  => profiles/kali/kali-tools-reverse-engineering.nix +25 -0
@@ 1,25 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# apktool
		apktool 
		# bytecode-viewer
		# clang
		clang 
		# dex2jar
		dex2jar 
		# edb-debugger
		# jadx
		jadx 
		# javasnoop
		# jd-gui
		jd-gui 
		# metasploit-framework
		# ollydbg
		# radare2
		radare2 
		# recstudio
		# rizin-cutter
	];
}
\ No newline at end of file

A  => profiles/kali/kali-tools-rfid.nix +18 -0
@@ 1,18 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# gnuradio
		gnuradio 
		# libfreefare-bin
		# libnfc-bin
		# mfcuk
		mfcuk 
		# mfoc
		mfoc 
		# mfterm
		# proxmark3
		proxmark3 
		# rfdump
	];
}
\ No newline at end of file

A  => profiles/kali/kali-tools-sdr.nix +25 -0
@@ 1,25 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# chirp
		chirp 
		# gnuradio
		gnuradio 
		# gqrx-sdr
		# gr-air-modes
		# gr-iqbal
		# gr-osmosdr
		# hackrf
		hackrf 
		# inspectrum
		inspectrum 
		# kalibrate-rtl
		kalibrate-rtl 
		# multimon-ng
		multimon-ng 
		# rtlsdr-scanner
		# uhd-host
		# uhd-images
	];
}
\ No newline at end of file

A  => profiles/kali/kali-tools-sniffing-spoofing.nix +44 -0
@@ 1,44 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# bettercap
		bettercap 
		# darkstat
		darkstat 
		# dnschef
		dnschef 
		# driftnet
		driftnet 
		# dsniff
		dsniff 
		# ettercap-graphical
		# ettercap-text-only
		# ferret-sidejack
		# fiked
		# hamster-sidejack
		# hexinject
		# isr-evilgrade
		# macchanger
		macchanger 
		# mitmproxy
		mitmproxy 
		# netsniff-ng
		netsniff-ng 
		# rebind
		# responder
		# sniffjoke
		# sslsniff
		# sslsplit
		sslsplit 
		# tcpflow
		tcpflow 
		# tcpreplay
		tcpreplay 
		# wifi-honey
		# wireshark
		wireshark 
		# yersinia
		yersinia 
	];
}
\ No newline at end of file

A  => profiles/kali/kali-tools-social-engineering.nix +13 -0
@@ 1,13 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# backdoor-factory
		# beef-xss
		# maltego
		# msfpc
		msfpc 
		# set
		# veil
	];
}
\ No newline at end of file

A  => profiles/kali/kali-tools-top10.nix +25 -0
@@ 1,25 @@
{ pkgs, ... }:
{
	environment.systemPackages = with pkgs; [
		# aircrack-ng
		aircrack-ng 
		# burpsuite TODO(packaging)
		burpsuite 
		# crackmapexec
		crackmapexec 
		# hydra
		thc-hydra
		# john
		john 
		# metasploit-framework
		metasploit
		# nmap
		nmap 
		# responder
		(callPackage ../../packages/pretender.nix { })
		# sqlmap
		sqlmap 
		# wireshark
		wireshark 
	];
}

A  => profiles/kali/kali-tools-voip.nix +28 -0
@@ 1,28 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# enumiax
		# iaxflood
		# inviteflood
		# libfindrtp
		# nmap
		nmap 
		# ohrwurm
		# protos-sip
		# rtpbreak
		# rtpflood
		# rtpinsertsound
		# rtpmixsound
		# sctpscan
		# siparmyknife
		# sipcrack
		# sipp
		sipp 
		# sipvicious
		sipvicious 
		# voiphopper
		# wireshark
		wireshark 
	];
}
\ No newline at end of file

A  => profiles/kali/kali-tools-vulnerability.nix +54 -0
@@ 1,54 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# afl++
		afl 
		# bed
		# cisco-auditing-tool
		# cisco-global-exploiter
		# cisco-ocs
		# cisco-torch
		# copy-router-config
		# dhcpig
		# enumiax
		# gvm
		# iaxflood
		# inviteflood
		# legion
		# lynis
		lynis 
		# nikto
		nikto 
		# nmap
		nmap 
		# ohrwurm
		# peass
		# protos-sip
		# rtpbreak
		# rtpflood
		# rtpinsertsound
		# rtpmixsound
		# sctpscan
		# sfuzz
		# siege
		siege 
		# siparmyknife
		# sipp
		sipp 
		# sipsak
		sipsak 
		# sipvicious
		sipvicious 
		# slowhttptest
		slowhttptest 
		# spike
		spike 
		# t50
		# thc-ssl-dos
		# unix-privesc-check
		# voiphopper
		# yersinia
		yersinia 
	];
}
\ No newline at end of file

A  => profiles/kali/kali-tools-web.nix +116 -0
@@ 1,116 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# apache-users
		# apache2
		# beef-xss
		# burpsuite
		burpsuite 
		# cadaver
		cadaver 
		# commix
		commix 
		# cutycapt
		# davtest
		davtest 
		# default-mysql-server
		# dirb
		dirb 
		# dirbuster
		# dotdotpwn
		# eyewitness
		# ferret-sidejack
		# ftester
		# hakrawler
		hakrawler 
		# hamster-sidejack
		# heartleech
		# httprint
		# httrack
		httrack 
		# hydra
		# hydra-gtk
		# jboss-autopwn
		# joomscan
		# jsql-injection
		# laudanum
		# lbd
		# maltego
		# medusa
		medusa 
		# mitmproxy
		mitmproxy 
		# ncrack
		ncrack 
		# nikto
		nikto 
		# nishang
		# nmap
		nmap 
		# oscanner
		# owasp-mantra-ff
		# padbuster
		padbuster 
		# paros
		# patator
		# php
		php 
		# php-mysql
		# plecost
		plecost 
		# proxychains4
		# proxytunnel
		# qsslcaudit
		# redsocks
		redsocks 
		# sidguesser
		# siege
		siege 
		# skipfish
		# slowhttptest
		slowhttptest 
		# sqldict
		# sqlitebrowser
		sqlitebrowser 
		# sqlmap
		sqlmap 
		# sqlninja
		# sqlsus
		# ssldump
		ssldump 
		# sslh
		sslh 
		# sslscan
		sslscan 
		# sslsniff
		# sslsplit
		sslsplit 
		# sslyze
		# stunnel4
		# thc-ssl-dos
		# tlssled
		# tnscmd10g
		# uniscan
		# wafw00f
		wafw00f 
		# wapiti
		wapiti 
		# watobo
		# webacoo
		# webscarab
		# webshells
		# weevely
		# wfuzz
		wfuzz 
		# whatweb
		whatweb 
		# wireshark
		wireshark 
		# wpscan
		wpscan 
		# xsser
		xsser 
		# zaproxy
	];
}
\ No newline at end of file

A  => profiles/kali/kali-tools-windows-resources.nix +23 -0
@@ 1,23 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# dbd
		# dnschef
		dnschef 
		# heartleech
		# hyperion
		# mimikatz
		# ncat-w32
		# ollydbg
		# powercat
		# regripper
		# sbd
		# secure-socket-funneling-windows-binaries
		# shellter
		# tftpd32
		# wce
		# windows-binaries
		# windows-privesc-check
	];
}
\ No newline at end of file

A  => profiles/kali/kali-tools-wireless.nix +16 -0
@@ 1,16 @@
{ pkgs, ... }:
{
	# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING
	environment.systemPackages = with pkgs; [
		# kali-tools-802-11
		# kali-tools-bluetooth
		# kali-tools-rfid
		# kali-tools-sdr
		# rfcat
		# rfkill
		# sakis3g
		# spectools
		# wireshark
		wireshark 
	];
}
\ No newline at end of file

A  => profiles/kali/meta.nix +35 -0
@@ 1,35 @@
{ config, lib, ... }:
let 
 imports = [ 
		./kali-linux-core.nix
		./kali-linux-default.nix
		./kali-linux-everything.nix
		./kali-linux-headless.nix
		./kali-linux-labs.nix
		./kali-linux-large.nix
		./kali-tools-802-11.nix
		./kali-tools-bluetooth.nix
		./kali-tools-crypto-stego.nix
		./kali-tools-database.nix
		./kali-tools-exploitation.nix
		./kali-tools-forensics.nix
		./kali-tools-fuzzing.nix
		./kali-tools-gpu.nix
		./kali-tools-hardware.nix
		./kali-tools-information-gathering.nix
		./kali-tools-passwords.nix
		./kali-tools-post-exploitation.nix
		./kali-tools-reporting.nix
		./kali-tools-reverse-engineering.nix
		./kali-tools-rfid.nix
		./kali-tools-sdr.nix
		./kali-tools-sniffing-spoofing.nix
		./kali-tools-social-engineering.nix
		./kali-tools-top10.nix
		./kali-tools-voip.nix
		./kali-tools-vulnerability.nix
		./kali-tools-web.nix
		./kali-tools-windows-resources.nix
		./kali-tools-wireless.nix
	];
in { inherit imports; }

A  => profiles/pentest.nix +67 -0
@@ 1,67 @@
{ config, modulesPath, pkgs, lib, ... }:
{
	imports = [ 
		./kali/kali-tools-top10.nix 
		./kali/kali-linux-core.nix
		#./kali/kali-linux-default.nix
		#./kali/kali-linux-everything.nix
		#./kali/kali-linux-headless.nix
		#./kali/kali-linux-labs.nix
		#./kali/kali-linux-large.nix
		#./kali/kali-tools-802-11.nix
		#./kali/kali-tools-bluetooth.nix
		#./kali/kali-tools-crypto-stego.nix
		#./kali/kali-tools-database.nix
		#./kali/kali-tools-exploitation.nix
		#./kali/kali-tools-forensics.nix
		#./kali/kali-tools-fuzzing.nix
		#./kali/kali-tools-gpu.nix
		#./kali/kali-tools-hardware.nix
		#./kali/kali-tools-information-gathering.nix
		#./kali/kali-tools-passwords.nix
		#./kali/kali-tools-post-exploitation.nix
		#./kali/kali-tools-reporting.nix
		#./kali/kali-tools-reverse-engineering.nix
		#./kali/kali-tools-rfid.nix
		#./kali/kali-tools-sdr.nix
		#./kali/kali-tools-sniffing-spoofing.nix
		#./kali/kali-tools-social-engineering.nix
		#./kali/kali-tools-top10.nix
		#./kali/kali-tools-voip.nix
		#./kali/kali-tools-vulnerability.nix
		#./kali/kali-tools-web.nix
		#./kali/kali-tools-windows-resources.nix
		#./kali/kali-tools-wireless.nix
	];
	environment.systemPackages = with pkgs; [
		git
		curl
		gnupg
		restic
		gocryptfs
		##kali base
		#cifs-utils
		#netkittftp
		##iw
		##lvm2
		#mlocate
		##libressl
		#nfs-utils
		#openssh
		#openvpn
		#p7zip
		#parted
		##rfkill
		#samba
		#net-snmp
		#sudo
		#tcpdump
		##testdisk
		##netkit-tftp
		##tightvnc
		#tmux
		#unrar
		#vim
		#whois
	];
}

A  => qemu.nix +23 -0
@@ 1,23 @@
{ pkgs ? import <nixpkgs> {}, ... }:

let
  makeDiskImage = import <nixpkgs/nixos/lib/make-disk-image.nix>;
  #makeDiskImage = import <nixpkgs/nixos/lib/make-single-disk-zfs-image.nix>;
  evalConfig = import <nixpkgs/nixos/lib/eval-config.nix>;
  config = (evalConfig {
    modules = [ (import ./machine-config.nix) ];
  }).config;
in
  makeDiskImage {
    inherit pkgs config;
    lib = pkgs.lib;
    diskSize = 32000;
    #rootSize = 48000;
    #bootSize = 2048;
    #datasets = {
    #    "home" = {
    #    	mount = "/home/"
    #    };
    #}
    format = "qcow2-compressed";
  }

A  => template.nix +57 -0
@@ 1,57 @@
{ config, modulesPath, pkgs, lib, ... }:
{
  #imports = [ ./profiles/hosaka.nix ];
  imports = [ ./profiles/kali-xfce.nix ];
  #imports = [ ./profiles/pentest.nix ];
  #imports = [ ./profiles/debug.nix ];


  networking.hostName = "{{HOSTNAME}}";
  users.users.root.initialPassword = "{{PASSWORD}}";

  users.mutableUsers = false;
  users.groups.testers.gid = 1001;
  users.users.{{USERNAME}} = {
      isNormalUser  = true;
      home  = "/home/{{USERNAME}}";
      description  = "{{USERNAME}} User";
      group = "testers";
      extraGroups  = [ "wheel" "networkmanager" "testers" "audio" "input" "uinput" ];
      openssh.authorizedKeys.keys  = [ "{{SSH_PUB}}" ];
      initialPassword = "{{PASSWORD}}";
      uid = 1000;
  };
  networking.firewall = {
        enable = true;
        allowedTCPPorts = [ {{ALLOWED_TCP}} ];
        allowedUDPPortRanges = [ {{ALLOWED_UDP}} ];
  };
  boot.initrd.postDeviceCommands = pkgs.lib.mkBefore ''
	    mkdir -m 0700 -p /key
	    echo waiting...
	    sleep 2
	    mount -n -t ext4 -o ro `findfs LABEL=keydrive` /key || mount -n -t ext4 -o ro `findfs UUID={{UUID_KEY}}` /key
	  '';
  fileSystems."/home/{{USERNAME}}" = {
    device = "/dev/disk/by-label/user";
    fsType = "ext4";
    #TODO
    #options = [ "uid=${builtins.toString config.users.users.{{USERNAME}}.uid}" "gid=${builtins.toString config.users.groups.${config.users.users.{{USERNAME}}.group}.gid}" "dmask=007" "fmask=117" ];
    #options = [ "uid=1000" "gid=1000" ];
  };

  ## ZFS testing
  #fileSystems."/home/{{USERNAME}}" = {
  #  device = "pentest/home";
  #  fsType = "zfs";
  #};
  #environment.etc = {
  #  "zfs/user_key" = {
  #  	text = (builtins.readFile ./workspace/{{ID}}/mnt/user_key);
  #      mode = "0400";
  #      uid = 0;
  #      gid = 0;
  #  };
  #};
  #networking.hostId = "{{HOSTID}}";
}

A  => util/gen-list.sh +31 -0
@@ 1,31 @@
#!/bin/bash
# This extracts the kali metapackage lists and then parses the lists into a valid nix-package. Currently this ONLY matches the names that are exact matches in kali and nix so misses quite a few. It's just a way to do the hard manual work and then switch to a review model on the generated list. The output of this was initially placed in `profiles/kali/*`
setopt -e
curl -o 'meta-control' 'https://gitlab.com/kalilinux/packages/kali-meta/-/raw/kali/master/debian/control?inline=false'
# Clear meta-control into kali.list dynamically
cat meta-control  | grep -e 'Package:' -e ',$' | grep -v 'Depends:' | sed -e 's/,$//g' -e 's/ \[.*\]//g' -e 's/ | /\n /g' > kali.list
csplit -z kali.list '/^Package: .*$/' '{*}'
for packagegroup in xx*; do 
	NAME="$(cat $packagegroup | grep Package: | cut -d' ' -f2)"
	if [[ $NAME == kali-sbc-* || $NAME == kali-linux-nethunter || $NAME == kali-linux-firmware || $NAME == kali-desktop-*  || $NAME == kali-linux-arm ]]; then
		echo "SKIPPING $NAME"
		continue
	fi
	for package in $(cat $packagegroup | grep -v 'Package' | tr -d ' '); do
		echo "# $package" >> "$NAME"-nix
		echo "$NAME#$package"
		nix search --extra-experimental-features nix-command --extra-experimental-features flakes nixpkgs "legacyPackages.x86_64-linux.${package}\$" >> "$NAME"-nix
	done
done
WARNING='# THIS IS AN AUTOGENERATED LIST. MANUALLY REVIEW, SUBMIT A PATCH, AND REMOVE THIS WARNING'
for matched in *-nix; do
	PKGNAME="$(echo $matched | sed 's/-nix$//g')"
	printf '{ pkgs, ... }:\n{\n\t%s\n\tenvironment.systemPackages = with pkgs; [\n' "$PKGNAME" > "$PKGNAME.nix"
	cat "$matched"  | sed -e '/^\* /{n;d}' | sed -e 's/(.*)//g' -e 's/\x1b\[[0-9;]*m//g' | sed 's/\* legacyPackages\.x86_64-linux\.//g' | sed -e 's/^/\t\t/g' >> "$PKGNAME.nix"
	printf '\t];\n}' >> "$PKGNAME.nix"
done
rm xx*
rm *-nix
rm kali.list
rm meta-control


A  => zfs.nix +0 -0